Sha256 vulnerability for full rounds. Circular hash attack.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Sha256 vulnerability for full rounds. A Circular hash attack(known as fixed point).


Run to check my work


Free-start collision attack

A collision attack where hackers cannot control the input hash.

Circular hash attack

Finding input_hash and message_block which makes input_hash=output_hash. In certain cases, it can result infinite set of collisions by chaining arbitrary number of circular blocks. So, this attack makes one hash value permanently vulnerable to collisions. So, I decided not to publish another works.

Attack methods

I developed an entirely new type of cryptanalysis theory to achieve this. It has a similar form comparing to differential analysis. Individuals found ways to reproduce this vulnerbility using SAT software. It's an another approach, not done by my method.


I've been noticed by several individuals, thus 'circular hash attack' isn't the world's first type of attack. So, I fixed the description. Quiet sad :(

Some people told me it's easy to find fixed points for Davies-Meyer structure, so, it's easy to find circular hash of SHA256's. For it, I cannot clarify at some degrees. First, SHA256's not exactly a Davies-Meyer. Secondly, finding fixed points for such structures, claimed to be 'easy', has complexity above 2^(n/2), according to Wikipedia. It's still an infeasibly hard problem.